I’m hosting mail servers for over a decade now. They are all very low frequency, so probably not a lot of attackers find them. I try to enable as many automatic updates as possible, because I don’t operate them professionally. Just every few months I check if all updates are installed, and if there is something wrong. So far I only had two hacked accounts (probably the users got phished or used compromised public PCs while logging in to webmail - the country of the attacker was the same where they were on holiday).
So far no break-ins that I noticed. But it is for sure possible that somebody broke in without me noticing (and did nothing worth noticing).
So far no break-ins that I noticed. But it is for sure possible that somebody broke in without me noticing (and did nothing worth noticing).